CVE-2026-4761

Published: Mar 25, 2026 Last Modified: Mar 25, 2026

ExploitDB:

Other exploit source:

Google Dorks:

LOW 3,3

Source: 30aa36b7-a224-4bc9-b7d3-abea20aa4887

Attack Vector: local

Attack Complexity: low

Privileges Required: low

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

Description

AI Translation Available

When
a certificate and its private key are installed in the Windows machine
certificate store using Network and Security tool, access rights to the private
key are unnecessarily

granted to the operator group.

* Installations based on Panorama Suite 2025 (25.00.004) are vulnerable unless update PS-2500-00-0357 (or higher) is installed
*
Installations based on Panorama Suite 2025 Updated Dec. 25 (25.10.007) are not vulnerable

Please refer to security bulletin BS-036, available on the Panorama CSIRT website: https://my.codra.net/en-gb/csirt .

732

Incorrect Permission Assignment for Critical Resource

Draft

Abstraction: Class Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality Access Control Integrity Other

Potential Impacts:

Read Application Data Read Files Or Directories Gain Privileges Or Assume Identity Modify Application Data Other

Applicable Platforms

Technologies: Not Technology-Specific, Cloud Computing

Likelihood of Exploit: High

View CWE Details

https://my.codra.net/api/csirt/download?resourceId=1469&fil…

https://my.codra.net/api/csirt/download?resourceId=1469&fileType=FichierPDF

CVE-2026-4761

Description

Incorrect Permission Assignment for Critical Resource

Common Consequences

Applicable Platforms

Iscriviti alla newsletter